public void a_limited_user_CAN_send_and_receive_messages_on_existing_routes() { // Admin connection to make the routing _messaging.CreateDestination <IMetadataFile>("test_permissions", Expires.Never); // Limited user to use it var credentials = _query.GetLimitedUser("test_permissions"); // connect using the limited user var config = new MessagingBaseConfiguration() .WithDefaults() .WithConnection(ConfigurationHelpers.RabbitMqConnectionWithConfigSettingsAndCustomCredentials( credentials.UserName, credentials.Password )); var limitedConn = config.GetMessagingBase(); // Do a round-trip on the limited account with the admin's routing limitedConn.SendMessage(new SuperMetadata { Contents = "Hello" }); var result = limitedConn.GetMessage <IMetadataFile>("test_permissions"); // Check it worked Assert.That(result, Is.Not.Null, "Message did not get through"); Assert.That(result.Contents, Is.EqualTo("Hello"), "Got the wrong message"); _query.DeleteUser(credentials); }
public void a_limited_user_can_NOT_add_routing() { var credentials = _query.GetLimitedUser("test_permissions"); var config = new MessagingBaseConfiguration() .WithDefaults() .WithConnection(ConfigurationHelpers.RabbitMqConnectionWithConfigSettingsAndCustomCredentials( credentials.UserName, credentials.Password )); var limitedConn = config.GetMessagingBase(); bool ok = false; try { // Should not be able to do this: limitedConn.CreateDestination <IMetadataFile>("test_permissions", Expires.Never); } catch (Exception ex) { Console.WriteLine(ex); ok = ex.Message.Contains("ACCESS_REFUSED"); } _query.DeleteUser(credentials); Assert.That(ok, Is.True, "Create destination passed, but should have been blocked"); }
public void a_limited_user_can_NOT_delete_an_existing_destination() { // Admin connection to make the routing _messaging.CreateDestination <IMetadataFile>("test_permissions", Expires.Never); // Limited user to use it var credentials = _query.GetLimitedUser("test_permissions"); var limitedConn = ConfigurationHelpers.RabbitMqConnectionWithConfigSettingsAndCustomCredentials( credentials.UserName, credentials.Password ); bool ok = false; try { limitedConn.WithChannel(conn => conn.QueueDelete("test_permissions", false, false)); } catch (Exception ex) { Console.WriteLine(ex); ok = ex.Message.Contains("ACCESS_REFUSED"); } _query.DeleteUser(credentials); Assert.That(ok, Is.True, "QueueDelete passed, but should have been blocked"); }